Cyber espionage; how safe are we really?

Photo by: Will Gentry

Mandiant, an American cyber security firm, recently unveiled one of the world’s most prolific hacking groups as a Chinese military unit.

According to the over 60-page report, “APT1 Exposing One of China’s Cyber Espionage Units,” Mandiant has pinpointed the group that has stolen hundreds of terabytes of data from at least 141 mostly American organizations to an exact Shanghai, China location.

Mandiant has followed the group, named in the report as “Advanced Persistent Threat One,” or APT1, since 2006 and have found them to be the People’s Liberation Army Unit 61398.

“The sheer scale and duration of sustained attacks against such a wide set of industries from a singularly identified group based in China leaves little doubt about the organization behind APT1,” the report said. “We believe the totality of the evidence we provide in this document bolsters the claim that APT1 is Unit 61398.”

Grant Tucker, a senior electrical engineering major, saw the issue as much deeper.

“It’s not only a war of governments, but it’s a war of individuals,” Tucker said of the supposed cyber war taking place. “Someone just like me can get on a computer and start writing viruses that can break down a government’s online defenses.”

Many hacking groups and individuals are not government based.

Cameron Mara, a junior computer science major, said the whole thing “sounds very Cold War-esque.” He said an individual could have as much power as a government when online.

“It’s weird because in the realm of technology the person with the most power isn’t necessarily the person with the most money,” Mara said. “It helps a lot being a government with a lot of resources and a lot of very skilled people, but there will always be people who are just really good with computers – who can do nearly whatever they want on the Internet.”

With a seemingly digital cyber cold war transpiring between many nations, some students are doubtful of their own Internet security.

“How safe you are depends on how much you trust using your computer,” Aufiero said. “It’s obviously safer to snail-mail things rather than using Internet resources for sensitive information. You also shouldn’t be too paranoid about it either.”

Having less personal information online is usually better, Auferio said.

“I feel like people trust those too much,” Aufiero said of social media sites. “I think people need to be more cautious about what they post.”

One of the biggest threats to students online is identity theft. Many hackers look for certain personal information that could lead to monetary gain.

Tucker said students need to better utilize security tools that sites like Facebook offer.

“They have really good tools now,” Tucker said of Facebook. “If I want, I can select OC, so only people who have said they are a part of OC can see certain statuses that I post. Most of the time I don’t post a status on a public level.”

Students should also be aware of the site’s rules and regulations regarding privacy.

“Check frequently to see when they changed the site settings,” Tucker said. “Make sure that you understand what’s being shown to everybody and what’s not. Make sure not to give away too much information.”

Sometimes the safest way to communicate sensitive information is to revert back to older formats, he said.

“That’s when the good ‘ol cell phone or snail mail is a little more safe,” Tucker said. “You can actually know that exactly that person is able to see that. Sometimes you don’t think of who’s going to see what you post.”

Tucker said he is unsure as to how well Oklahoma Christian’s systems are secure, but any system needs continual updating and checking.

“There does need to be, from time to time, a reevaluation because things are constantly changing,” Tucker said. “Systems that are currently sufficient do get outdated, so basically you’re trying to combat a gun with a sword.”

According to Tucker, one of the best ways students can stay safe online is being conscious of what they’re doing online.

“There’s no perfect fix,” Tucker said. “You just want to make sure that you’re not leaving yourself open for risk.”